Security Engineer at Nordstrom Trunk Club
Working for Trunk Club
When you join Trunk Club, you join the Nordstrom family. Our fast-paced and entrepreneurial environment is paired with the strong history and experience of a retail legacy. We have access to some of the greatest minds in retail and technology and are constantly creating innovative strategies to develop the ultimate apparel solutions. We welcome your adaptability, your curiosity, and your passion to contribute to our unparalleled shopping experience!
Who we are
At Trunk Club, we're building the future of retail, enabled through technology. We have a strong culture of being curious and collaborating. You’ll be working with a small agile IT team consisting of network, security, and systems specialists. This position requires someone who has multifaceted skill sets and who can manage multiple initiatives/tasks. This person must be able to provide clear written/verbal communications to management and users.
- Design, deploy, manage and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more
- Help detect, highlight, and close security vulnerabilities that surface during the software development lifecycle
- Integrate with Nordstrom security teams to close vulnerabilities
- Ensure strong system connectivity by ensuring logging, monitoring/auditing and management of security events have clear visibility
- Optimize threat detection and responsiveness across organizations
- Partner with internal and external partners on all information security tasks
- Continually validate technology and process to verify alignment with cyber strategy, risk, and governance
- Prepare and update security documentation including diagrams, standard build documents and best practice procedures
- Partner with Nordstrom security to deliver and optimize security training and principles
- Able to participate in a 24/7/365 escalation process
- Travel is required (10-15%) This role will support our brick and mortar clubhouses and travel to corporate Nordstrom headquarters in Seattle.
- Bachelor’s Degree in Computer Science or minimum of 5 years’ experience in a security focused role
- Understanding of network security concepts & best practices
- Understanding of AWS / Cloud security concepts & best practices
- Demonstrated successful implementation and management of security controls like access management, malware detection, perimeter defense and log management / review
- Understanding of prevention, detection, response and recovery principles of security
- Familiarity with Secure SDLC principles
- Experience working with remote teams across multiple geo locations
- Organized with good written and verbal communication skills
- Ability to manage a project from beginning to end with minimal supervision
- Strong knowledge of and experience with Identity and Access Management, specifically Cloud Identity (Okta, AWS, AD)
- Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, etc
- Strong knowledge of Linux operating systems
- Familiarity with database security
- Knowledge and experience with securing and analyzing indicators of compromise across multi-vendor networks (Cisco/Juniper/Fortinet)
- Knowledge of regulatory and privacy requirements, such as Personally Identifiable Information(PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
- Threat modeling experience is a plus
- Security certifications a plus: GSEC, CISSP, or similar
How we work
With others. We collaborate with Engineering, Business Stakeholders, and Nordstrom counterparts on the daily through multiple communication channels, including Slack.
With transparency. We have an open team room. No cubicles, no private offices.
With agility. We don’t believe in following a process for process’s sake. We are adaptive and focus on delivering incremental value.
With open minds. We are committed to building a diverse team of people with unique perspectives. This encourages a healthy and inclusive environment that builds a more sustainable, successful company.
With pride. We value our people most of all. We invest in ourselves by applying our own strengths and interests to company needs.
A few of our perks
- Lunch-and learns
- Annual stipend for continuous education
- Tech all-hands lunches every other Friday
- Hack days
- Team outings
- Nordstrom discount
- Flexible work environment
- Social environment with built-in bars
Who you are
A teacher. You’re able to mentor your peers and help our team grow.
A learner. You have an insatiable thirst for knowledge and greater understanding.
A pragmatist. Your goal is to create useful products, not build technology for technology’s sake.
A technologist. You’re truly passionate about everything infrastructure and are thirsty to learn more every day.